Opened 16 years ago
Closed 16 years ago
#2252 closed defect (fixed)
Possible buffer overflow in template processing
| Reported by: | dmorissette | Owned by: | dmorissette |
|---|---|---|---|
| Priority: | normal | Milestone: | 5.0 release |
| Component: | MapServer C Library | Version: | svn-trunk (development) |
| Severity: | normal | Keywords: | |
| Cc: |
Description
There is a small possibility of buffer overflow in processLine() (maptemplate.c). To trigger it you'd need a mapfile with a layer name, group name or metadata entry name longer than 5120 chars which is probably larger than what the parser would accept, but we'll fix it just in case.
Note:
See TracTickets
for help on using tickets.
Fixed. Will be in 5.0-beta5 (r6669) and in 4.10.3 (r6668).